The ITU's DPI standard - that's something to be afraid of!
- Author: Monica Horten
- Published: 06 December 2012
Probably the most scary document I have ever read.
It's a technical document written for engineers. Its aim is to translate the customer requirements, as passed to them by their commercial colleagues, in order to set a standard for the industry, so that all of the equipment from different manufacturers will work together. Customers - the ISPs and network providers - will have the choice of competitive product offers, safe in the knowledge that they don't have to change out all of their equipment.
What makes this one special is that it gives life to the fears of all those concerned about how networks and governments could control not just the Internet, but us.
Ever since I first heard about deep packet inspection, in about 2008, I tried to understand what it is, and what it can do. Way back then, I discovered that it had been logged for standards work within the so-called Next generation network or NGA. The NGA is what engineers call the development of new broadband Internet infrastructure equipment - the routers and management systems that comprise the physical network.
I figured out just how much of yours and mine network traffic can be visible to the ISPs if they have the right system tools. A little later, I learned about the industry product road map, still an engineering level, to build DPI into every network system. ( See Traffic management - how deep packet engines will shape the Internet slow lane ).
DPI is like the heavy armour. Or to use a different analogy, it is like rolling out tanks down every street. Only they will be tanks with infra-red periscopes, able to spot your tiniest move, around any corner, by day or night. And they will be able to control where you can and can't go.
This document confirms my findings. What is it? It is document number Y.2770, entitled Requirements for deep packet inspection in Next Generation Networks. It sets out recommendations for a technical standard for deep packet inspection. It was adopted at the end of last month by a special group within the ITU, known as the World Telecommunication Standardization Assembly (WTSA-12), which met prior to this month's World Congress (WCIT-12).
That means it is an official document for people working in the telecoms industry, and it will be used by those developing DPI equipment.
Its author appears to be Chinese, and is working with the Telecommunications Technology Association. This is a Korean-based telecoms standards body, that appears to be a joint venture between the Koreans, Chinese and Japanese.
The Y.2770 document outlines a suite of requirements that will make authoritarian governments and the copyright industries, very happy. For example, DPI systems will have to be capable of detecting Bittorrent, eDonkey, multi-channel media, video, file transfer, voice telephony. They must be capable of detecting and blocking computer games traffic.
Under Y.2770, DPI systems will shape applications traffic, executed on a per packet basis. They will police peer-to-peer traffic and other applications. They will mark specific packet types. They will detect 'abnormal' traffic - which of course, could be for genuine security applications, but might not be.
Y.2770 DPI will block packets carrying data attachments of pre-determined sizes. They will use statistical analysis where traffic is encrypted.
Do you want me to go on, or is that enough?
Deep packet inspection systems, designed to Y.2770, will take action on an application-dependent basis, using built-in rules. DPI will look for audio content that is copyright protected and where stipulated, delete the audio.
This can be done by country, right down to the individual. They can even detect who your employer is, and take pre-determined actions if a rule is given.
One aspect that particularly worries me is the inclusion of FTP in the Y.2770 specification. This means that networks will be monitoring everyone who runs a website, and potentially could be asked to block you from uploading content.
This Y.2770 document is controlled by the Chinese. Far from being just an engineer's technical specification, it has major political ramifications, and should not be permitted to go any further until there has been democratic debate. (See EU asks: should we regulate deep packet inspection? )
The list of functions is a censor's dream. That why, for me, this document is a nightmare.
This is an original article from Iptegrity.com. If you refer to it or to its content, you should cite my name as the author, and provide a link back to iptegrity.com. Media and Academics - please cite as Monica Horten, The ITU's DPI standard - that's something to be afraid of ! in www.iptegrity.com, 6 December 2012 . Commercial users - please contact me.
- Article Views: 21654
IPtegrity politics
- Online Safety and the Westminster honey trap
- Shadow bans: EU and UK diverge on user redress
- EU at loggerheads over chat control
- Why the Online Safety Act is not fit for purpose
- Fixing the human rights failings in the Online Safety Act
- Whatever happened to the AI Bill?
- Hidden effects of the UK Online Safety Act
- EU puts chat control on back burner
- Why did X lock my account for not providing my birthday?
- Creation of deep fakes to be criminal offence under new law
- AI and tech: Asks for the new government
- How WhatsApp holds structural power
- Meta rolls out encryption as political headwinds ease
- EU law set for new course on child online safety
- Online Safety Act: Ofcom’s 1700-pages of tech platform rules
- MEPs reach political agreement to protect children and privacy
- Online Safety - a non-consensual Act
About Iptegrity
Iptegrity.com is the website of Dr Monica Horten, independent policy advisor: online safety, technology and human rights. Advocating to protect the rights of the majority of law abiding citizens online. Independent expert on the Council of Europe Committee of Experts on online safety and empowerment of content creators and users. Published author, and post-doctoral scholar, with a PhD from the University of Westminster, and a DipM from the Chartered Institute of Marketing. Former telecoms journalist, experienced panelist and Chair, cited in the media eg BBC, iNews, Times, Guardian and Politico.
Online Safety
- Online Safety and the Westminster honey trap
- Shadow bans: EU and UK diverge on user redress
- Why the Online Safety Act is not fit for purpose
- Fixing the human rights failings in the Online Safety Act
- Hidden effects of the UK Online Safety Act
- Why did X lock my account for not providing my birthday?
- Online Safety Act: Ofcom’s 1700-pages of tech platform rules
- Online Safety - a non-consensual Act
- Online Safety Bill passes as US court blocks age-checks law
- Online Safety Bill: ray of hope for free speech
- National Crime Agency to run new small boats social media centre
- Online Safety Bill: does government want to snoop on your WhatsApps?
- What is content of democratic importance?
- Online Safety Bill: One rule for them and another for us
- Online Safety Bill - Freedom to interfere?